Watchtowers fortify the Lightning Network against fraud
A Bitcoin scaling solution, the Lightning Network adds a second layer to the Bitcoin blockchain that allows users to create payment channels between any two parties. The payment channels can be closed after use or kept open indefinitely. Because they’re set up between two parties, transactions are instant and fees are extremely low. Lightning makes it possible for Bitcoiners to use the payment network to pay for items of low value, such as a cup of coffee, without incurring the larger fees and longer confirmation times of the main Bitcoin blockchain. But while the network has seen significant adoption — with 8,789 nodes running 34,650 channels at the time of writing — the technology is still in the experimental stage and it involves certain risks, including the potential for fraud. By supervising the activity on the network, the new ‘watchtowers’ aim to eliminate the possibility that the party on the other side of your channel could cheat you out of your funds.
The software architecture — which was initially proposed in the original Lightning white paper of 2016 — has been implemented into the Lightning Network Daemon with June's update. It will allow network participants to enlist the protection of a transaction monitoring service that prevents users from committing fraud by rebroadcasting old transactions.
Payment channel protection
As Blockstream researcher Christian Decker suggests, opening a channel on the Lightning Network can be thought of as "putting a few bucks on the table, and then deciding how to split these funds."
The analogy can be extended with the help of famous fictional cryptographic couple Alice and Bob. When a Lightning channel is opened, Alice and Bob might both put 5,000 satoshis on the table, making a total of 10,000 satoshis. Alice might then decide to pay Bob for a coffee at the cost of 2,000 satoshis, leaving a total of 3,000 on the table for Alice, and 7,000 for Bob.
But if Bob goes home to sleep, takes a trip, or loses his internet connection, the transaction is open to foul play. Should Alice have nefarious intentions, when it comes time to close the channel, she could broadcast the first state of the channel, instead of the final state. This event is known as a fraudulent channel close and would mean that both Alice and Bob get their 5,000 satoshis back, giving Alice a completely free cup of coffee.
After the channel has closed, there is a time period in which either party could raise the alarm, but in the event of a prolonged absence, this period will expire. Without watchtowers, the only way for Bob to prevent Alice from stealing the funds would be to stay online, which is a unrealistic from a user experience perspective — like having to maintain an internet connection to monitor your bank account against the threat of fraud.
The watchtower acts as a third party that watches over Alice and Bob's table to monitor transactions and detect foul play, so if Alice tries to defraud Bob, the watchtower will alert him to retrieve the funds.
Building the watchtowers
After being first conceptualized in the original Lightning Network white paper, various implementations of watchtowers have been put to the test, including in MIT’s Lit, a lightweight version of the Lightning Network led by Lightning Labs co-founder Thaddeus Dryja.
But the new release, which has reportedly been worked on since the beginning of 2018, is thought to be the most advanced implementation of watchtowers intended for real-world use so far. Unlike previous iterations, the watchtowers, which are essentially just Lightning nodes with a different dedicated algorithm, will be able to be run by anyone.
This allows both individuals and businesses accepting or sending payments on the Lightning Network to run their own towers to protect their nodes. Those that don't want to run their own towers, which does come with an associated cost in terms of network data, can connect to external towers to protect their transactions.
At present, these towers are not set up to receive rewards for monitoring transactions, but this could change in future versions of the software. In a tweet announcing the implementation, Lightning Labs engineer Alex Bosworth suggested the next iteration could see watchtowers equipped with incentive models like 'ecash tokens' that would compensate third party nodes for operational costs.